CVE-2024-9947 — Improper Authentication in Profilepress

CWE-287 — Improper Authentication CWE-276 — Incorrect Default Permissions2 documents2 sources

Severity

9.8CRITICALNVD

EPSS

0.5%

top 33.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Properfraction Profilepress Profilepress Team Profilepress PRO

Timeline

PublishedOct 23

Description

The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDproperfraction/profilepress< 4.11.2

▶CVEListV5profilepress_team/profilepress_pro4.11.1

🔴Vulnerability Details

GHSA

GHSA-5438-xrx8-q93j: The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4↗2024-10-23

▶